"After conducting extensive tests on its networks, the company said it has no evidence of the compromise resulting in unauthorised activity for eBay users, and no evidence of any unauthorised access to financial or credit card information, which is stored separately in encrypted formats.

"However, changing passwords is a best practise and will help enhance security for eBay users.”

They added: "Working with law enforcement and leading security experts, the company is aggressively investigating the matter and applying the best forensics tools and practises to protect customers.”

EBay, which has more than 233 million users worldwide, had initially issued a notice on its website asking users to change their passwords, but quickly took down the message a short time later without explanation.

It read: "eBay Inc. To Ask All eBay Users To Change Passwords" but had no other information other than the words "place holder text”.

It then issued its much longer statements.

The attack was launched in late February and early March yet was only announced today.

It comes just weeks after the Heartbleed bug wreaked havoc on the internet leaving sites including Google, Amazon, Yahoo and Facebook, open to devastating attacks by hackers.

Millions of people were urged to change their passwords to protect sensitive details – such as log-in codes, emails and banking data – from being stolen.

But because the attacks left no trace, it is unknown how much personal information has already been stolen.

The ebay attack also comes just a month after web giant AOL urged its tens of millions of email account holders to change their passwords and security questions after a cyber attack compromised about two per cent of its accounts.